GlobalProtect Discussions | Palo Alto Networks

Enforce Global protect

Hi Everyone,

I have a query on Global Protect.

Requirement :

one of our customer wants the requirement

if user is working from home internet should only work on his laptop if he is connected to global protect

if user is not connected to global prot

...

One security access policy not working but other is working

Hi All,

We defined different user roles in Portal to access the application and tools from the same user and we can see one application is running fine in the browser but other tools are not being connected on port 22.

Security access-policy is not bei

...

Resolved! GlobalProtect pre-deployment with enforcement control

We are preparing the rollout of our Prisma Access with new GP agent deployment on notebooks. Could we enable the enforcement setting during the installation rather than download from portal? All new machines will be pre-installed the agent and we can

...

Global Protect Android connection problem

After upgrading PA from 9.1.1 to new version 11.1.4-h1

Some android devices cant connect GP vpn.Some old android versions connect without problem.

GlobalProtect: Connection Failed. The network is unreachable or the portal is unresponsive. Check the

...

Resolved! GlobalProtect SSL Cert change take effect immediately or require new GP session login?

If I update an existing certificate for GlobalProtects Portal and Gateway does anyone know if that certificate change impacts existing already running connections once pushed or does it only take effect when someone reconnects again?

Resolved! Global Connect - Reverse VPN

We have been asked to connect to a customer using GlobalProtect, but are concerned about the possible risk of VPN reverse tunnel.

Is there a control in the software to restrict this and protect our network? (is it even a thing with GlobalProtect?)

Curr

...

Global Protect not taking new AD password

Hello,

Whenever we change any AD password, GB doesn't take the new password for like 2-3 hours. Can anyone please help me.

PA OS- 11.1.4-h1

GP - 6.3.1-376

Thanks in advanced.

macOS GP client says its connected - but it really isnt

removed

Resolved! Matching client config not found

I have a user trying to connect via Global Protect from a Win 11 client. The error is "matching client config not found". I have no issues at all connecting as that same user from a Win 10 client. Also we use Mini Orange for MFA which sends an SMS c

...

Resolved! Global protect configuration on Ipad and Iphone devices and Firewall configuration

Hi all, I have been consulting with TAC to configure Global protect for IOS devices (ipad, iphone), I use the same certificate that we use for PCs and it works correctly on PCs but on ipad and Iphone it does not work.
I would like to ask if anyone kno

...

Global Protect Auth Failure after FW upgraded to 11.2.4-h1

Hello,

We upgraded our firewalls to 11.2.4-h1 to patch the critical vulnerability recently discovered.

We use Global Protect with AO VPN and enforce network connection.

A problem we are seeing this morning is when our Global Protect clients are

...

global protect with SAML SSO authentication failed

after upgrading to gp client 6.2.6, we are facing authentication failed issue with few users.

user clicks to connect and then embedded browser shows error " authentication failed". log shows " Authentication failed: empty password'"

GPS logs shows t

...

Resolved! Portal access lost while connected to external gateway

This is a GP configuration that works, but the portal doesn't respond to web requests from the client while the client is connected to the gateway. There is only an external gateway. The portal and gateway share the same IP on an Internet-facing inte

...

GP continues reconnection attempts & shows "notifications" after explicit disconnect

App version: 6.2.3-270

User's steps:

Connect or just try to connect
Explicitly disconnect via ~~burger button -> disconnect~~ / cancel button.

Current behavior:

tries to reconnect
shows popup for OTP
tray icon is blinking

Expected: GP does nothing.

What is the expected behavior in GlobalProtect pre-login with a single gateway?

I am playing around with a new GlobalProtect configuration, using a pre-login always-on configuration with a single gateway. The pre-login VPN works fine. My understanding is that when a user logins into the PC, the tunnel is supposed to rename itsel

...

Discussions

Enforce Global protect

One security access policy not working but other is working

Resolved! GlobalProtect pre-deployment with enforcement control

Global Protect Android connection problem

Resolved! GlobalProtect SSL Cert change take effect immediately or require new GP session login?

Resolved! Global Connect - Reverse VPN

Global Protect not taking new AD password

macOS GP client says its connected - but it really isnt

Resolved! Matching client config not found

Resolved! Global protect configuration on Ipad and Iphone devices and Firewall configuration

Global Protect Auth Failure after FW upgraded to 11.2.4-h1

global protect with SAML SSO authentication failed

Resolved! Portal access lost while connected to external gateway

GP continues reconnection attempts & shows "notifications" after explicit disconnect

What is the expected behavior in GlobalProtect pre-login with a single gateway?

Global Protect Connectivity Issue

GlobalProtect Agent constantly 'Not Responding'.

GP and auth fails

One Certificate Profile with multiple certificates

linux /etc/iproute2/rt_tables filled with 231 pangp.include and 232 pangp.exclude

Re: Global Protect Connectivity Issue

Okta Verify window behind GP login window fix

Re: Option for downloading ARM64 for customer from portal vpn.xxx.xx

Re: Local and SAML users authentication on the single GP Portal and Gateway

Troubleshooting PanGPS Services Not Working/Running. Error: 1068 while running PanGPS service.

Unlock your full community experience!

Resolved! GlobalProtect pre-deployment with enforcement control

Resolved! GlobalProtect SSL Cert change take effect immediately or require new GP session login?

Resolved! Global Connect - Reverse VPN

Resolved! Matching client config not found

Resolved! Global protect configuration on Ipad and Iphone devices and Firewall configuration

Resolved! Portal access lost while connected to external gateway